Block storage host auth (softlayer#742)

Tyler Britten · sudorandom · commit 6e1548c1e46c · 2016-07-26T18:10:48.000-05:00
* Cherrypick block-host-auth from iodine53 brand

* fixed syntax

* Fixed duplicated routes from merge. Changed client references to match 5.1.0 block manager

* Fixed bad IP address handling

* removed cherrypick comments

* Flake8 Cleanup

* Flake8 fix

* replaced underscores for dashes on CLI

* fixed CLI dashes/underscores

* Updated authorize/revoke api calls.

* Flake8 Fixes

* ACTUALLY fixed for Flake8
diff --git a/SoftLayer/CLI/block/access/__init__.py b/SoftLayer/CLI/block/access/__init__.py
@@ -0,0 +1 @@
+"""Block Storage Access Control."""
diff --git a/SoftLayer/CLI/block/access/authorize.py b/SoftLayer/CLI/block/access/authorize.py
@@ -0,0 +1,42 @@
+"""Create a block storage snapshot."""
+# :license: MIT, see LICENSE for more details.
+
+import click
+import SoftLayer
+from SoftLayer.CLI import environment
+from SoftLayer.CLI import exceptions
+
+
+@click.command()
+@click.argument('volume_id')
+@click.option('--hardware-id', '-h', multiple=True,
+              help='The id of one SoftLayer_Hardware to authorize')
+@click.option('--virtual-id', '-v', multiple=True,
+              help='The id of one SoftLayer_Virtual_Guest to authorize')
+@click.option('--ip-address-id', '-i', multiple=True,
+              help='The id of one SoftLayer_Network_Subnet_IpAddress'
+              ' to authorize')
+@click.option('--ip-address', multiple=True,
+              help='An IP address to authorize')
+@environment.pass_env
+def cli(env, volume_id, hardware_id, virtual_id, ip_address_id, ip_address):
+    """Authorizes hosts to access a given volume"""
+    block_manager = SoftLayer.BlockStorageManager(env.client)
+    ip_address_id_list = list(ip_address_id)
+
+    # Convert actual IP Addresses to their SoftLayer ids
+    if ip_address is not None:
+        network_manager = SoftLayer.NetworkManager(env.client)
+        for ip_address_value in ip_address:
+            ip_address_object = network_manager.ip_lookup(ip_address_value)
+            if ip_address_object == "":
+                click.echo("IP Address not found on your account.  " +
+                           "Please confirm IP and try again.")
+                raise exceptions.ArgumentError('Incorrect IP Address')
+            else:
+                ip_address_id_list.append(ip_address_object['id'])
+
+    block_manager.authorize_host_to_volume(volume_id,
+                                           hardware_id,
+                                           virtual_id,
+                                           ip_address_id_list)
diff --git a/SoftLayer/CLI/block/access/revoke.py b/SoftLayer/CLI/block/access/revoke.py
@@ -0,0 +1,38 @@
+"""Create a block storage snapshot."""
+# :license: MIT, see LICENSE for more details.
+
+import click
+import SoftLayer
+from SoftLayer.CLI import environment
+
+
+@click.command()
+@click.argument('volume_id')
+@click.option('--hardware-id', '-h', multiple=True,
+              help='The id of one SoftLayer_Hardware'
+              ' to revoke authorization')
+@click.option('--virtual-id', '-v', multiple=True,
+              help='The id of one SoftLayer_Virtual_Guest'
+              ' to revoke authorization')
+@click.option('--ip_address-id', '-i', multiple=True,
+              help='The id of one SoftLayer_Network_Subnet_IpAddress'
+              ' to revoke authorization')
+@click.option('--ip-address', multiple=True,
+              help='An IP address to revoke authorization')
+@environment.pass_env
+def cli(env, volume_id, hardware_id, virtual_id, ip_address_id, ip_address):
+    """Revokes authorization for hosts accessing a given volume"""
+    block_manager = SoftLayer.BlockStorageManager(env.client)
+    ip_address_id_list = list(ip_address_id)
+
+    # Convert actual IP Addresses to their SoftLayer ids
+    if ip_address is not None:
+        network_manager = SoftLayer.NetworkManager(env.client)
+        for ip_address_value in ip_address:
+            ip_address_object = network_manager.ip_lookup(ip_address_value)
+            ip_address_id_list.append(ip_address_object['id'])
+
+    block_manager.deauthorize_host_to_volume(volume_id,
+                                             hardware_id,
+                                             virtual_id,
+                                             ip_address_id_list)
diff --git a/SoftLayer/CLI/routes.py b/SoftLayer/CLI/routes.py
@@ -61,9 +61,13 @@
     ('block:volume-detail', 'SoftLayer.CLI.block.detail:cli'),
     ('block:volume-cancel', 'SoftLayer.CLI.block.cancel:cli'),
     ('block:volume-order', 'SoftLayer.CLI.block.order:cli'),
+
     ('block:snapshot-list', 'SoftLayer.CLI.block.snapshot_list:cli'),
     ('block:snapshot-delete', 'SoftLayer.CLI.block.snapshot_delete:cli'),
+
     ('block:access-list', 'SoftLayer.CLI.block.access_list:cli'),
+    ('block:access-authorize', 'SoftLayer.CLI.block.access.authorize:cli'),
+    ('block:access-revoke', 'SoftLayer.CLI.block.access.revoke:cli'),
 
     ('firewall', 'SoftLayer.CLI.firewall'),
     ('firewall:add', 'SoftLayer.CLI.firewall.add:cli'),
diff --git a/SoftLayer/fixtures/SoftLayer_Network_Storage.py b/SoftLayer/fixtures/SoftLayer_Network_Storage.py
@@ -63,3 +63,5 @@
 }
 getSnapshots = []
 deleteObject = True
+allowAccessFromHostList = True
+removeAccessFromHostList = True
diff --git a/SoftLayer/managers/block.py b/SoftLayer/managers/block.py
@@ -135,6 +135,80 @@ def get_block_volume_snapshot_list(self, volume_id, **kwargs):
         return self.client.call('Network_Storage', 'getSnapshots',
                                 id=volume_id, **kwargs)
 
+    def authorize_host_to_volume(self, volume_id,
+                                 hardware_ids=None,
+                                 virtual_guest_ids=None,
+                                 ip_address_ids=None):
+        """Authorizes hosts to Block Storage Volumes
+
+        :param volume_id: The Volume to authorize hosts to
+        :param hardware_ids: A List of SoftLayer_Hardware ids
+        :param virtual_guest_ids: A List of SoftLayer_Virtual_Guest ids
+        :param ip_address_ids: A List of SoftLayer_Network_Subnet_IpAddress ids
+        """
+        host_templates = []
+
+        if hardware_ids is not None:
+            for hardware_id in hardware_ids:
+                host_templates.append({
+                    'objectType': 'SoftLayer_Hardware',
+                    'id': hardware_id
+                })
+
+        if virtual_guest_ids is not None:
+            for virtual_guest_id in virtual_guest_ids:
+                host_templates.append({
+                    'objectType': 'SoftLayer_Virtual_Guest',
+                    'id': virtual_guest_id
+                })
+
+        if ip_address_ids is not None:
+            for ip_address_id in ip_address_ids:
+                host_templates.append({
+                    'objectType': 'SoftLayer_Network_Subnet_IpAddress',
+                    'id': ip_address_id
+                })
+
+        return self.client.call('Network_Storage', 'allowAccessFromHostList',
+                                host_templates, id=volume_id)
+
+    def deauthorize_host_to_volume(self, volume_id,
+                                   hardware_ids=None,
+                                   virtual_guest_ids=None,
+                                   ip_address_ids=None):
+        """Revokes authorization of hosts to Block Storage Volumes
+
+        :param volume_id: The Volume to deauthorize hosts to
+        :param hardware_ids: A List of SoftLayer_Hardware ids
+        :param virtual_guest_ids: A List of SoftLayer_Virtual_Guest ids
+        :param ip_address_ids: A List of SoftLayer_Network_Subnet_IpAddress ids
+        """
+        host_templates = []
+
+        if hardware_ids is not None:
+            for hardware_id in hardware_ids:
+                host_templates.append({
+                    'objectType': 'SoftLayer_Hardware',
+                    'id': hardware_id
+                })
+
+        if virtual_guest_ids is not None:
+            for virtual_guest_id in virtual_guest_ids:
+                host_templates.append({
+                    'objectType': 'SoftLayer_Virtual_Guest',
+                    'id': virtual_guest_id
+                })
+
+        if ip_address_ids is not None:
+            for ip_address_id in ip_address_ids:
+                host_templates.append({
+                    'objectType': 'SoftLayer_Network_Subnet_IpAddress',
+                    'id': ip_address_id
+                })
+
+        return self.client.call('Network_Storage', 'removeAccessFromHostList',
+                                host_templates, id=volume_id)
+
     def delete_snapshot(self, snapshot_id):
         """Deletes the specified snapshot object.
 
diff --git a/tests/managers/block_tests.py b/tests/managers/block_tests.py
@@ -210,3 +210,19 @@ def test_order_block_volume_endurance(self):
                     'setupFee': '1'}],
                 },
             )
+
+    def test_authorize_host_to_volume(self):
+        result = self.block.authorize_host_to_volume(50,
+                                                     hardware_ids=[100],
+                                                     virtual_guest_ids=[200],
+                                                     ip_address_ids=[300])
+        self.assertEqual(fixtures.SoftLayer_Network_Storage.
+                         allowAccessFromHostList, result)
+
+    def test_deauthorize_host_to_volume(self):
+        result = self.block.authorize_host_to_volume(50,
+                                                     hardware_ids=[100],
+                                                     virtual_guest_ids=[200],
+                                                     ip_address_ids=[300])
+        self.assertEqual(fixtures.SoftLayer_Network_Storage.
+                         removeAccessFromHostList, result)

Original file line number	Diff line number	Diff line change
`@@ -63,3 +63,5 @@`
`63`	`63`	`}`
`64`	`64`	`getSnapshots = []`
`65`	`65`	`deleteObject = True`
	`66`	`+allowAccessFromHostList = True`
	`67`	`+removeAccessFromHostList = True`